ASLR (Address Space Layout Randomization) is a security technique that randomizes the memory addresses of program sections (stack, heap, libraries) at each start. This makes it significantly harder for attackers to develop exploits that rely on fixed memory addresses.
ASLR is enabled by default in modern operating systems (Windows, Linux, macOS) and addresses ISO 27001 Annex A control A.8.9 (Configuration Management). As part of system hardening, verify that ASLR has not been disabled — older applications sometimes force deactivation. Together with DEP/NX-bit, ASLR forms the basis of exploit protection at the operating system level. Effectiveness depends on randomization entropy: 32-bit systems offer significantly less entropy than 64-bit systems.